Restrict Internet Access in Windows 2008 Terminal Server
we need solution restricting internet access user on windows server 2008 terminal server, using internet explorer 8. have attempted implementing invalid proxy server on user whom internet access needs denied, caused problems slowness , pages failing load users not need restricted - removing proxy user corrected these problems.
thanks,
matt
hi matt -
you're on right track. i've not had reason try 2008 yet, in our 2003 environment use logon script change proxy server based on computer name. iirc, needed use script in order change hkcu registry keys since gpo changed them @ computer level not want in ts environment. anyway, scripting skills pretty bad works , you're welcome use it...
-------------------------------------------------------------------------------
on error resume next
set objnetwork = createobject("wscript.network")
set sh = wscript.createobject("wscript.shell")
sys = ucase(sh.expandenvironmentstrings("%clientname%"))
fndsw=0
select case sys
'------------------- shops ------------------------'
case "term01"
fndsw=1
'---------------- education ---------------------'
case "term02"
fndsw=2
'------------------------------------------------'
end select
if fndsw=1 then
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = "*.gov"
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
elseif fndsw=2 then
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = "<local>"
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
else
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = ""
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
msgbox "internet access has been disabled terminal. please contact sytem administrator"
end if
------------------------------------------------------------------------------------------------
luck,
tom
you're on right track. i've not had reason try 2008 yet, in our 2003 environment use logon script change proxy server based on computer name. iirc, needed use script in order change hkcu registry keys since gpo changed them @ computer level not want in ts environment. anyway, scripting skills pretty bad works , you're welcome use it...
-------------------------------------------------------------------------------
on error resume next
set objnetwork = createobject("wscript.network")
set sh = wscript.createobject("wscript.shell")
sys = ucase(sh.expandenvironmentstrings("%clientname%"))
fndsw=0
select case sys
'------------------- shops ------------------------'
case "term01"
fndsw=1
'---------------- education ---------------------'
case "term02"
fndsw=2
'------------------------------------------------'
end select
if fndsw=1 then
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = "*.gov"
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
elseif fndsw=2 then
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = "<local>"
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
else
key = "hkey_current_user\software\microsoft\windows\currentversion\internet settings\"
itemtype1 = "reg_dword"
itemtype2 = "reg_sz"
value1 = "proxyenable"
data1 = "1"
value2 = "proxyserver"
data2 = "345.678.910.111:99"
value3 = "proxyoverride"
data3 = ""
sh.regwrite key & value1, data1, itemtype1
sh.regwrite key & value2, data2, itemtype2
sh.regwrite key & value3, data3, itemtype2
msgbox "internet access has been disabled terminal. please contact sytem administrator"
end if
------------------------------------------------------------------------------------------------
luck,
tom
Windows Server > Remote Desktop Services (Terminal Services)
Comments
Post a Comment